Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

Github Security Blog
Github Security Blogadded 2022/02/09 11:25 p.m.21 views

Cross site scripting in registration template in xwiki-platform

Impact We found a possible XSS vector in the registerinline.vm template related to the xredirect hidden field. This template is only used in the following conditions: - the wiki must be open to registration for anyone - the wiki must be closed to view for Guest users more specifically the...

7.4CVSS0.5AI score0.00498EPSS
Exploits0References5Affected Software1
Cvelist
Cvelistadded 2022/02/09 9:40 p.m.31 views

CVE-2022-23622 Cross site scripting in registration template in xwiki-platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions there is a cross site scripting XSS vector in the registerinline.vm template related to the xredirect hidden field. This template is only used in the following conditions:...

7.4CVSS7AI score0.00498EPSS
Exploits0References3
NVD
NVDadded 2007/10/29 10:46 p.m.10 views

CVE-2007-5704

Multiple SQL injection vulnerabilities in CodeWidgets.com Online Event Registration Template allow remote attackers to execute arbitrary SQL commands via the 1 Email Address and 2 Password fields in a login.asp and b adminlogin.asp...

7.5CVSS8.5AI score0.00754EPSS
Exploits0References7
seebug.org
seebug.orgadded 2007/10/28 12:0 a.m.25 views

CodeWidget Online Event Registration Template SQL注入漏洞

CodeWidget Online Event Registration Template是一款基于ASP的WEB应用程序。 CodeWidget Online Event Registration Template不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞进行SQL攻击,获得敏感信息或操作数据库。 问题是由于脚本对用户提交的EMAIL地址参数缺少过滤,提交恶意SQL查询作为参数数据,可更改原来的SQL逻辑,攻击者可以获得敏感信息或操作数据库。 CodeWidgets Online Event Registration Template 目前没有详细解决方案提供:...

7.1AI score
Exploits0
Prion
Prionadded 2007/07/31 10:17 a.m.13 views

Sql injection

SQL injection vulnerability in signin.aspx in WebEvents Online Event Registration Template allows remote attackers to execute arbitrary SQL commands via the Password parameter...

7.5CVSS9.1AI score0.00927EPSS
Exploits0References7
CVE
CVEadded 2007/07/31 10:0 a.m.41 views

CVE-2007-4108

CVE-2007-4108 : Concrete details across multiple connected documents show a SQL injection vulnerability in the WebEvents (Online Event Registration Template) application, specifically in the sign_in.aspx component. The vulnerability allows an attacker to manipulate the Password parameter to execu...

7.5CVSS8.4AI score0.00927EPSS
Exploits0References7Affected Software1
CVE
CVEadded 2006/11/21 11:0 p.m.43 views

CVE-2006-6007

The CVE-2006-6007 issue affects WebEvents (Online Event Registration Template) 2.0 and earlier, specifically save_profile.asp. The underlying flaw allows remote attackers to change profiles, passwords, and other information for arbitrary users by altering the UserID parameter. This describes a us...

5CVSS6.9AI score0.00297EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder